IBM Aspera Console 3.0.1

WHAT'S NEW

Welcome to this release of IBM Aspera Console for Linux (64-bit) and Windows. Console 3.0 is a major release with a new internal architecture and many new features.

The new architecture queries data from managed nodes using the Aspera Node API, rather than pushing data to the Console via the Aspera Central service. This new architecture has many advantages for scalability and robustness. Important details include the following:

Managed nodes added to a Console version prior to 3.0 still continue to use this legacy method with the database logger to report to Console 3.0, and they are annotated as “Legacy Nodes” in the nodes list.

These existing managed nodes running version 3.4.6 or higher of Enterprise Server or Point-to-Point can be converted to use the new Aspera Node API with the Convert to use Node API option in the Node edit screens. If converted, these nodes will be queried by Console using the new Node API method.

This means you will want to upgrade your nodes to at least version 3.4.6 and ideally to version 3.5.5 in order to take advantage of the scalability this new Console architecture offers.

Additional Major New Features

Node Management

You can now set up failover groups that enable Console transfers to use other managed nodes in case an error occurs with the primary node. These groups can also be used for load-balancing transfers started by Console based on the node's total transfer bandwidth.

Unmanaged nodes can now be created with domain names instead of IP addresses.

Console warns when the system clock on a node does not match the Console server's system clock.

The SSH algorithm used to connect a node for management is now configurable.

Expanded email notification with new options to define rulesets to send transfer start, success, and failure notifications based on address, file paths, users, and transfer tags.

Option to use 'cc' instead of 'bcc' to address recipients.

Additional fields available for notifications, including session ID and total expected transfer size/file count.

Email notification debugging screens are now available to non-admin users.

Reports

Reports can be generated using custom fields based on transfer session tags set by some Aspera products and available in all API transfers. For example, Faspex version 3.9.+ reports user fields from SAML single sign-on in transfer tags, allowing Console reports to include custom user attributes read from the SAML iDP. Console Smart Transfers and all web services and Connect Javascript API transfers include optional session tags, which can now be included in Console reports.

Option to create Basic report types that do not use file-level information for calculations.

Source and destination paths, Faspex metadata, and the SSH (transfer) user are now available in basic as well as advanced reports.

New option in Console user accounts to allow/disallow a user to run reports.

Several new advanced report templates included with Console on installation, including:

Faster version of Activity Summary By Contact

Activity Summary By Contact And Remote Address

Bandwidth Peak Usage Per Node Per Day

Billing Summary By Month And Contact

Faspex Activity Summary By Day

Faspex Last Download By Contact

New option to filter Billing Report by Contact

Console Transfers

Smart and simple transfers now fully support the new ascp4 ultra-fast transfer binary for initiating transfers, dynamic bandwidth control, and reporting.

Admins can edit smart transfers owned by another admin. Editing another admin's smart transfer changes ownership of the transfer to the admin who last made a change.

New transfer options including Preserving UID and GID, Archive after Transfer, and the Exclude Newer Than option, which filters out files modified within a specified time to prevent Console from sending incomplete files.

Simple and smart Transfers now support the addition of descriptive tags, and the Smart Transfer table is sortable and filterable by tag, name, or owner.

New global configuration option to "Use proxy for remote browsing". When Console does not have direct access to the public internet, this option supports file browsing and ‘test login’ via an Aspera proxy for both managed and unmanaged nodes. The proxy is automatically used for browsing/test unless the target address is in the private address space.

Session Logging and Search

New screens allow admins to inspect raw session record data for transfers.

Console now emails new users a randomized password if the administrator did not set a password for the account.

Users can change their password by selecting Change Password from the username dropdown menu.

A new administrative configuration option allows the setting of password complexity policies.

Administrators can deny a user the ability to run reports by deselecting Reports Allowed in that user's permissions.

Database Space Monitoring

Console now warns you if your database directory is running low on space.

ISSUES FIXED IN THIS RELEASE

The following is a list of major issues fixed in Console 3.0.1. A large number of minor issues, too numerous to list, were also fixed.

#25672 - If users try to add a transfer path when one with the same endpoints (but with order of endpoints swapped) already exists, Console displays the following error: "Validation failed: Equivalent path already exists for this group."

#28106 - Console now respects the disable TLS setting on email notification, allowing it to be disabled.

#28116 - Console transfers to Akamai NetStorage no longer throw an invalid argument error at the end of a transfer.

#28220 - Timeouts when configuring nodes with large numbers of accounts. The remote configuration of node settings in aspera.conf from Console now scales independently of the number of user accounts.

#28238 - File name search now searches start of file name, preventing timeouts in searching large consoles with millions of file records.

#28271 - Users can see transfers they start in reports without having the View Transfers capability explicitly set on their account.

#28453 - Console now enforces password history rules. When a user provides the same password as one of the previous passwords (3 passwords by default), the user is asked to provide a new password.

#28456 - Upon first login, new users are forced to change the randomly generated password they received in their account activation emails.

#28465 - Removed SSLv2.0 to address a security risk.

#28465 - SSLv3.0 is removed from the Console common package in apache/conf/extra/httpd-ssl.conf in response to the Poodle attack.

#28584 - Long destination directories are automatically shortened so as to not cause unattractive wrapping on the Dashboard.

#29497 - Advanced reports that summarize data by day or month no longer fail when scheduled with a timezone different than the timezone used to display the data.

#29832, #30120 - For retried sessions, total file count, bytes transferred, and skipped files count reports the most recent session’s number and does not aggregate these statistics from prior sessions run for the same job. Skipped files are marked as such in the per file table.

#29939 - Console session IDs are extended from an integer to a long integer type, allowing for logging over 10 quintillion sessions.

#30538 - The “mark inactive” option now has a configurable timeout.

KNOWN ISSUES

#22303 - Scheduled smart transfers that were created before upgrading continue to use the old behavior, displaying dates/times using the timezone of the transfer requester, rather than trying to look up the recipient's time zone.

#22396 - If email notifications are configured for specific transfer paths on a user’s Preferences > Email Notifications page, these settings are not honored when the user clicks the Rerun link on the Activitypage on a transfer that started before Console was upgraded.

#27236 - Because Console now generates reports of the type XLSX (rather than XLS), any reports you completed before upgrading to this release of Console will no longer be accessible through the web link. However, any reports that were not completed before the upgrade (such as scheduled reports) are unaffected: if a report was configured to generate XLS, when it next runs it will generate XLSX.Workaround: Click Rerun on a completed report.

#27371 - ADFS SAML users running Chrome 36.0 on a Windows machine are currently unable to log in.Workaround: Turn off "Extended Protection" in ADFS SAML IdP. After doing so, you may at first see ADFS SAML user login failures with an "Invalid SAML response" error and infinite redirects on login. After some time, however, the failures end.

#31098 - (Linux Only) Upgrading the common components from version 1.2.9 to any newer version deletes the /usr/bin/asctl symlink. Workaround: Installing Console or Orchestrator after upgrading the common components will recreate the missing link during the installation process.

OTHER RESOURCES

PRODUCT SUPPORT

For on-line support resources for Aspera products, including raising new support tickets, please visit theAspera Support Portal. Note that you may have an existing account if you contacted the Aspera support team in the past. Before creating a new account, first try setting a password for the email that you use to interact with us. You may also call one of our regional support centers.